Effective Date: October 20, 2021
WalkMe and its affiliates, (“WalkMe“, “we” or “us“) are committed to protecting the privacy of the users of its website at www.WalkMe.com or any other website owned and/or operated by WalkMe (collectively, the “Site“) and its online products, including our web-based digital adoption platform (the “WalkMe System™) and the mobile version of our system (the “WalkMe Mobile™“) (WalkMe System™ and WalkMe Mobile™ each a “Service” and collectively the “Services“) provided to our enterprise customers (“Customers”).
This Privacy Policy explains the types of information we collect from you or that you may provide when you:
- visit our Site, make enquiries, request a demo of our Services or otherwise contact us (“Site Users”);
- set up and operate an account on behalf of a Customer using our Services (“Authorized Representative(s)”); and
- use our Services as an end user of a Customer (e.g. an employee of a Customer or client/user of a Customer’s platform or mobile application where the Service is deployed) (“End User(s)”).
Depending on your role as noted above, this Privacy Policy will apply to you differently and sets out our practices for collecting, using, maintaining, protecting, and disclosing that information, as well as your rights in determining what we do with the information that we collect and hold about you.
To the extent the General Data Protection Regulation or the UK GDPR (together referred to as the “GDPR”) applies to our own processing activities, WalkMe Ltd., WalkMe UK Limited or WalkMe, Inc. are the controller of such data (“Controller”) (unless otherwise stated).
If you are a California resident, please see the additional terms that apply to you here.
Please read this Privacy Policy carefully so that you understand your rights in relation to your personal information, and how we will collect, use and process your personal information. This Privacy Policy supplements any other privacy related notices and policies we may provide to you from time to time, and is not intended to override them. If you do not agree with this Privacy Policy in general or any part of it, you should not use our Services or otherwise provide your information to us.
NAVIGATING THIS PRIVACY POLICY
This Privacy Policy details WalkMe’s practices for the Site and Services it offers separately. In order to have the full picture of our privacy practices, you need to read the relevant section about the Site or Services you are using (see below links) together with the rest of this Privacy Policy.
- WALKME SERVICES: If you are an Authorized Representative or End User of one of our Customers, please see here for more information about the privacy practices in connection with the use of our Services.
- WALKME SITE: If you are a Site User, please see here for more information about the privacy practices in connection with the use of our Site.
A. YOUR RIGHTS
You may have certain legal rights in relation to your personal information under certain applicable laws (for instance if you are residing in Europe, United Kingdom or in California), for example, to receive a copy, rectify, port, restrict, erase, object to the processing of personal information and if processing is based on consent, to withdraw your consent.
Please note that a number of these rights only apply in certain circumstances and all of these rights may be limited by law. For example, where fulfilling your request would adversely affect other individuals or our trade secrets or intellectual property, where there are overriding public interests or where we are required by law to retain your personal information.
If you wish to exercise your applicable rights, please contact WalkMe (see contact details of our DPO below), our Customer (where you are an Authorized Representative or End User), or submit a request using this form. We or our Customer may need to carry out certain identification checks in order to carry out your request.
If you think we have infringed data protection laws, please contact our DPO at privacy@walkme.com or you can raise a complaint with the relevant data protection supervisory authority.
B. HOW LONG DO WE RETAIN INFORMATION
WalkMe will retain personal information for as long as required to provide the Site or Services and as necessary to comply with our legal obligations, resolve disputes and enforce our terms and conditions, other applicable terms of service and our policies.
WalkMe will not retain the personal information of Site Users for more than 7 years (for backup and litigation purposes).
Please note that WalkMe may retain information for longer than the required retention period. Such information may continue to be used by WalkMe in an aggregated and anonymised manner, where it is in WalkMe’s legitimate interests for the purpose of operating the Service or Site.
C. MINORS
Our Site and Services are not intended for children, and we do not knowingly collect data relating to children. Children must not use our Site or Services, except where their parent or guardian has provided consent, if this option is available in your location. If you use our Site or Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence. If we learn that we have collected or have been sent personal information about or from a child, we reserve the right to delete that personal information as soon as reasonably practicable. If you believe that we might have collected or been sent information from a child, please contact our DPO at privacy@walkme.com as soon as possible.
D. INFORMATION SECURITY
We take steps to protect, enforce and maintain the security of our Services, Site, Customer information as well as the personal information of Authorized Representatives and End Users.
We use a combination of processes, technology and physical security controls to help protect personal information from unauthorized access, use, or disclosure. Although we do our best to protect your personal information, we cannot guarantee the security of your information transmitted over the internet and any transmission is at your own risk.
For more information about our security practices, please see here.
E. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION WHERE THE GDPR APPLIES
As we are an international business, the personal information that we collect from you via our Site or Services will be transferred to, and stored at/processed in countries outside the European Economic Area (“EEA”) and the United Kingdom (“UK”). Your personal information is also processed by staff operating outside the EEA and the UK who work for us or one of our third party service providers or partners. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Privacy Policy.
For any transfers of information outside the EEA or the UK, the data transfer will be under the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless (i) the data transfer is to a country that has been determined by the European Commission or the relevant UK authorities, as applicable, to provide an adequate level of protection for individuals’ rights and freedoms for their personal information (such as Israel and Japan) or (ii) the transfer is necessary for the performance of a contract between us. To request a copy of the Standard Contractual Clauses or equivalent terms in place, please contact us at privacy@walkme.com.
WalkMe complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. WalkMe has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. WalkMe has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
WalkMe is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC) regarding personal data received or transferred pursuant to the DPF. In cases of onward transfer to third parties of Personal Data received pursuant to the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and/or the Swiss-U.S. DPF, WalkMe is potentially liable.
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), WalkMe commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact WalkMe DPO at privacy@walkme.com.
WalkMe has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf
F. CHANGES TO THE PRIVACY POLICY
The terms of this Privacy Policy will govern the use of the Site and Services and any information collected in connection therewith, however, WalkMe may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will always be posted on this page. We will endeavor to provide notice of material changes to this Privacy Policy through our Site, Services and/or via an e-mail. Such material changes will take effect seven (7) days after such notice was provided on our Site, Services or sent by email. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Updated” date at the top of this Privacy Policy and your continued use of the Site and/or Services will constitute your written acceptance of, and agreement to be bound by, the changes to the Privacy Policy.
G. QUESTIONS, CONTACT INFORMATION AND COMPLAINTS
If you have any questions (or comments) concerning this Privacy Policy, you are welcome to send us an email or otherwise contact us at:
privacy@walkme.com or 1-855-4WALKME (925563 – Toll Free Number).
WalkMe, Inc., 71 Stevenson Street, Floor 20, San Francisco, California, 94105
USA
WalkMe UK Limited, Mazars. 30 Old Bailey, London, United Kingdom, EC4M 7AU (also acting as UK Representative for WalkMe, Inc. and WalkMe Ltd).
WalkMe Germany GmbH, Theodor Stern Kai 1, 60594 Frankfurt am Main, Deutschland (also acting as EU Representative for WalkMe Inc. and WalkMe Ltd).
WalkMe Ltd, 3 Kremenetski St, 2nd Floor, Tel-Aviv, 6789903, Israel
You can also contact our Data Protection Officer at: privacy@walkme.com